When looking to change our ASA Firewall, we looked into Palo Alto’s WildFire. It works especially in preventing advanced malware and zero-day exploits with real-time intelligence. The sandbox feature is the most useful in discovering zero-day threats before they can get to users’ systems. One of the features we liked more from WildFire was the multiplatform deployment. It can be deployed on-premises, on the cloud, or in a hybrid system.
Palo Alto protects our network by keeping our cloud service secure across the company. Its price is affordable in relation to other solutions on the market. Wildfire integrates well with other systems of the Palo Alto family. The only downside is that the sandbox requires large file size limits. It could be useful if they provided bare metal analysis. The price is also high, so maybe it is not suitable for very small businesses.
We were using Cisco ASA to provide access to our internal network to remote employees. The hardware is very reliable with almost no failure. Cisco ASA devices can run under extreme conditions without failing. It offers a good level of protection from threats and malware. The system, though, lacks the advanced features of next-generation firewalls. But for companies looking for a basic firewall, it can be a good option.
The thing with Cisco ASA is that it is outdated. The interface hasn’t changed in years. It is complex to configure, too.
Cisco ASA is best suited for small organizations that don’t require a lot of features. However, it is outdated and there are better choices for less money. Palo Alto is a next-generation firewall with advanced threat protection features. The interface is easy to use and you can’t beat the convenience of a cloud-based solution.
What type of network is? how many users?
Fortinet products are unique in that they have specific chips to work on hardware rather than overcharging a CPU to 90%, as happens with some Sophos boxes and others.
Things in the cloud... the cloud is a name, it is software running on someone else's computer system and could be only for you or multi-tenancy. Delays and other dramas may occur.
The question as I was invited to comment :| Which is better, does not tell anything, somehow.
FortiGate has a lot going for it and I consider it to be the best, most user-friendly firewall out there. What I like the most about it is that it has an attractive web dashboard with very easy navigation tabs; It can be managed and controlled using layer two wireless access points; When compared with other firewalls, building IPsec VPN and SSL VPN is much easier; I can configure virtual networks within the same firewall; And, configuration of NAT and static routes are straightforward. I would recommend it to any organization that needs to provide VPN access for their employees.
FortiGate also has many security functions, such as application control, web filtering, IPS, antivirus, etc., that help companies protect their users. The FortiGate solution also helps optimize traffic from user to application via the hybrid WAN environment. I think what I like most about this solution is that I can combine security functions and SD-WAN, which allows me to scan traffic flow but also to protect the local application server or the user.
For me, the downsides of FortiGate are that it happens to include many bugs, and sometimes it can be a challenge to block content from a website with web filtering since web pages contain websites that consume other resources. Moreover, mobile device administration is complicated, and it does not seem to adapt to smartphone or tablet screens very well.
While it isn’t my favorite, WildFire provides the ability to block threats as they travers your network infrastructure both in retro-time and real-time. WildFire also has zero-trust and actively works to inspect traffic for malicious capabilities by forwarding a file to the WildFire cloud, even in the case that it doesn’t recognize what the file is doing. The reason why WildFire is not my first choice is because I feel that it is lacking many features and that they could improve by adding more functionality. But there doesn’t seem like there is a way to either tune or tweak the solution. If implemented correctly, though, it can be a good, robust solution to achieving great endpoint security.
Conclusion: In my opinion, FortiGate is better than Wildfire because FortiGate meets my business needs better and has more appealing feature updates and roadmaps as well as great technical support, all of which are important to me.
Small and big organizations often face targeted attacks. APT groups improve the quality of their operations, causing more serious damage. Timely detection and response, training of personnel, advanced training of information security department employees help reduce the risks associated with targeted attacks.
The growth dynamics of APT (Advanced Persistent Threat) attacks has been declinin...